| |||||||||||||
STEED: End-to-end email encryptionSTEED: End-to-end email encryptionPosted Oct 27, 2011 9:19 UTC (Thu) by nmav (subscriber, #34036)Parent article: STEED: End-to-end email encryption
Very interesting idea and approach. It might be the key to turn e-mail to secure by default. Congratulations to Werner and Marcus.
(Log in to post comments)
STEED: End-to-end email encryption Posted Oct 27, 2011 13:08 UTC (Thu) by Klavs (subscriber, #10563) [Link]
Nice idea - but I for one - would very much prefer my email being stored UNENCRYPTED on my own imap server (which may store things on an encrypted home-partition or not) - and then just access my mail using imaps and https (for webmail).
I hope they make room for that in the standard. In this way, postfix (or some other mailserver) could simply decrypt the email, if it's for local delivery - and set some markers for the MUA - to verify keys etc.
STEED: End-to-end email encryption Posted Oct 27, 2011 13:51 UTC (Thu) by brinkmd (subscriber, #45122) [Link]
Hi,
stripping the encryption locally and storing unencrypted is fine, there is nothing standing in the way. You will want to keep signatures though (that's possible because mail is first signed then encrypted, and you only strip the outer layer), and use our trust model. You will also want to use opportunistic encryption and automatic key retrieval and distribution.
Thanks,
STEED: End-to-end email encryption Posted Oct 28, 2011 10:56 UTC (Fri) by josh (subscriber, #17465) [Link]
Personally, I'd like to do the opposite: encrypt email to my GPG public key upon receipt, so that I can store it on my IMAP server for convenient access from a couple of devices, without leaving it on my server unencrypted.
|
|||||||||||||